Embarking on a SonarQube Cloud trial is the first step towards ensuring your codebase is of the highest quality. But to maximize the benefits, it's essential to approach the trial with a clear plan. In this blog, we'll guide you on how to make the most of your SonarQube Cloud trial period.
Lucky for you, you can start a 14-day trial for your private projects and repositories completely free (public projects are always free). A SonarQube Cloud trial gets you all the features of the application that you can get as a paid subscription. If you’d like to test out SonarQube Cloud before committing to purchase, it’s important that you make the most out of your limited time to get comfortable with the tool and understand if it fits your needs.
Getting started with SonarQube Cloud is easy. You don’t need to speak with a sales rep or request a license key. Just follow these simple steps to maximize the usage of your SonarQube Cloud trial:
1. Integrate with your Development Environment
Visit the SonarQube Cloud Sign Up page to create your free SonarQube Cloud account through your preferred DevOps development environment. Connect it with your preferred platform, be it GitHub, Bitbucket, GitLab, or Azure DevOps.
This will enable real-time feedback, making it easier to catch and rectify code issues as they arise. Your SonarQube Cloud signup account is created and bound to your account on the DevOps platform that you choose. In this blog, we will use GitHub as an example, but you can choose a different provider based on your preference. As a new user, SonarQube Cloud will prompt you to connect your GitHub organization with SonarQube Cloud.
2. Set up your organization in SonarQube Cloud
You can choose one of your existing organizations, join an organization, or create a new organization. An organization is a space where a team or a whole company can collaborate across many projects. On import, a corresponding organization is created in SonarQube Cloud based on the information you provide. All members from your GitHub organization will be added to your SonarQube Cloud organization. As they connect to SonarQube Cloud with their GitHub account, members will automatically have access to your organization.
3. Choose your plan
Next, it’s time to choose your SonarQube Cloud plan. You can start a no-commitment, 14-day trial of SonarQube Cloud for your private repositories completely free by choosing the Paid Plan option. A credit card is required to start your trial. However, please remember that your credit card will not be charged until after your trial has ended and you can analyze private projects for free during your trial period. You will receive an email reminder 3 days before this happens and can cancel your trial at any time! The pricing is based on Lines of Code (LOC) analyzed in private projects.
4. Select the repository you want to analyze
GitHub projects are grouped into GitHub organizations or personal accounts. The next step is to import the projects (that is, individual Git repositories) that you want to analyze from your GitHub organization into your newly created SonarQube Cloud organization. A corresponding, one-to-one SonarQube Cloud project will be created for each imported repository. SonarQube Cloud will present a list of the repositories in your GitHub organization; choose the projects you want to import and select Set Up to get started. Each imported repository becomes a SonarQube Cloud project. Once you import a project, it appears in your Projects list and is ready to be analyzed.
The next step is to set the new code definition (NCD) for your project(s). The NCD is a mandatory step and it defines which part of your code is considered new code. When you do an analysis on your main branch (or other long-lived branches), SonarQube Cloud uses the new code definition to determine which issues you should focus on fixing and highlights these as issues in new code. This helps you to focus your attention on the most recent changes to your code and allows you to follow the Clean as You Code (CaYC) methodology. The guidance to pick the right NCD is provided in the docs.
5. Run your first analysis!
For GitHub repositories, there are two analysis methods available: Automatic analysis and CI-based analysis. Automatic analysis will be triggered instantly for most languages. You can also set up the analysis on your CI/CD tool in just a few minutes. From now on, all new pull requests and your main branch will be automatically analyzed. It’s that easy! For more information, we encourage you to check out this additional interactive demo which offers a step-by-step walkthrough of automatic analysis of C and C++ projects! Note that SonarQube Cloud supports all the popular programming languages to ensure that all of your needs are covered.
During the next 14 days, you will have access to SonarQube Cloud’s full features and functionalities. We recommend trying out the the next four steps to learn more and getting familiar with SonarQube Cloud.
6. Explore SonarQube Cloud
Now that you have completed the first analysis, it is time to explore the SonarQube Cloud user interface and dashboard. The SonarQube Cloud dashboard offers a wealth of information. Spend time understanding metrics like Bugs, Vulnerabilities, and Code Smells that help reduce Technical Debt. By familiarizing yourself with these, you can prioritize the issues that need immediate attention.
7. Quality Profiles and Quality Gates
Quality profiles in SonarQube Cloud are a crucial part of your configuration, as they specify the rules applied during code analysis. Each project can support multiple languages, and SonarQube Cloud automatically selects the appropriate quality profile for each language in that project. To view the defined profiles organized by language, navigate to your organization's Quality Profiles section.
By default, SonarQube Cloud includes a built-in quality profile for each supported language, referred to as the Sonar way profile (indicated with the "BUILT-IN" tag). This profile activates a set of rules suitable for most projects. Quality Gates are another powerful feature in SonarQube Cloud, allowing you to define criteria that your code must meet before it's merged or released. During your trial, set up a Quality Gate and adjust its criteria to match your objectives. In SonarQube Cloud, code quality and security standards are enforced through quality gates.
After analysis, the quality gate takes the resulting metrics and compares them to its defined thresholds to determine if the code meets the requirements for release or merge. Every organization has the built-in Sonar way Quality Gate set as the default that is suitable for most projects. If there are cases where you may want to make adjustments, you can create a new quality gate definition and make it available to projects in the organization or set it as the default for all new projects. To create a new quality gate definition in an organization, you must be an administrator of that organization.
8. Dive Deep into the Issues
While running an analysis, SonarQube Cloud raises an issue every time a section of code breaks a coding rule. The set of coding rules is defined through the associated quality profile for each language in the project. Instead of just skimming through the reported issues, dive deep. Understand why a particular piece of code is flagged, learn from the explanations provided, and apply the recommendations. It's an educational journey that will improve your coding skills. To see an example of how Learn as You Code is implemented within SonarQube Cloud, check out our interactive demo.
9. Explore the PR Analysis
One of SonarQube Cloud's standout features is Pull Request (PR) analysis. Test this feature by creating a PR in your repository. This ensures that every piece of code introduced is analyzed before merging, making your main branch more resilient. SonarQube Cloud decorates the pull request interface of the repository service (GitHub and others), providing the results of its code analysis on the PR branch right in the interface and granting or denying approval of the pull request depending on quality gate criteria. In effect, this augments human code review with automatic code review.
Additional Tips for Your SonarQube Cloud Trial Period
Here are some of our recommendations to ensure that you are taking advantage of SonarQube Cloud has to offer these next two weeks:
Get your whole team involved!
This doesn’t have to be a party for one! With SonarQube Cloud, you can add an unlimited number of users to your private organization, even during your trial period. Membership of an organization is managed on the Members page. This is a great way to test SonarQube Cloud for its team benefits.
Get Familiar with SonarQube Cloud’s Core Concepts
SonarQube Cloud offers tutorials covering many of the tool’s core concepts - Clean as You Code, New vs Overall Code, Quality Gates, and Pull Requests. These lessons will help you understand the core concepts behind SonarQube Cloud, enabling you to get the most out of the product. To start these tutorials, click on the question mark in the navigation and click on “Core Concepts.”
SonarQube for IDE integration
Add the SonarQube for IDE extension to your favorite IDE and find code issues on the fly. SonarQube Cloud rules and analysis settings synchronize to SonarQube for IDE, aligning teams around a single standard of Clean Code.
To recap, at a high level, during your SonarQube Cloud trial, you can expect the following:
- The ability to analyze both public and private projects. If you only want to analyze public projects, you do not need to start a trial, as this is always free
- The ability to add unlimited members to your free or private organizations
- Access to all SonarQube Cloud features and functionalities
- In-product tutorials and notifications that cover key concepts
- Coverage for all the popular programming languages
- Email notifications for when your credit card will be charged so that you can cancel at any time
- SonarQube for IDE integration
- Community Support
- And more!
What are you waiting for? SonarQube Cloud helps you consistently deliver cleaner, safer software that future developers will appreciate and your users will love, and getting started with your private and public projects couldn’t be easier! Visit the SonarQube Cloud Sign Up page to create your free SonarQube Cloud account through your preferred DevOps platform and start your 14-day trial. In no time, you’ll be writing clean, issue-free code that’s ready for production!